trojan horse clicker.aeyb



#1
noname79

OTL:

OTL logfile created on: 04-02-2010 17:16:12 - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Users\hansen\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,50 Gb Total Space | 724,43 Gb Free Space | 77,77% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 14,85 Gb Free Space | 9,96% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 465,76 Gb Total Space | 237,30 Gb Free Space | 50,95% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 232,88 Gb Total Space | 134,02 Gb Free Space | 57,55% Space Free | Partition Type: NTFS
Drive L: | 1,86 Gb Total Space | 0,74 Gb Free Space | 40,06% Space Free | Partition Type: FAT32

Computer Name: HANSEN-PC
Current User Name: hansen
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010-02-04 17:00:15 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\hansen\Desktop\OTL.exe
PRC - [2010-01-28 20:25:15 | 002,033,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgtray.exe
PRC - [2010-01-28 20:25:15 | 001,055,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgchsvx.exe
PRC - [2010-01-28 20:25:15 | 000,702,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgcsrvx.exe
PRC - [2010-01-28 20:25:15 | 000,600,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgnsx.exe
PRC - [2010-01-28 20:25:15 | 000,503,576 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgrsx.exe
PRC - [2010-01-28 20:25:14 | 000,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgemc.exe
PRC - [2010-01-28 20:25:11 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe
PRC - [2010-01-23 16:45:33 | 000,289,584 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\utorrent .exe
PRC - [2010-01-16 04:11:49 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010-01-05 07:56:02 | 002,002,160 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009-10-31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009-10-30 12:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
PRC - [2009-09-27 17:47:00 | 000,215,656 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2009-07-14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009-01-26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe


========== Modules (SafeList) ==========

MOD - [2010-02-04 17:00:15 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\hansen\Desktop\OTL.exe
MOD - [2009-07-14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009-07-14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009-07-14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009-07-14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009-07-14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009-07-14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009-07-14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009-07-14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009-07-14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009-07-14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009-07-14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010-01-28 20:25:14 | 000,906,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgemc.exe -- (avg9emc)
SRV - [2010-01-28 20:25:11 | 000,285,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG9\avgwdsvc.exe -- (avg9wd)
SRV - [2009-09-27 17:47:00 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\System32\nvvsvc.exe -- (nvsvc)
SRV - [2009-07-14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009-07-14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009-07-14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009-07-14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009-07-14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009-07-14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009-07-14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009-07-14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009-07-14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) PNRP (Peer Name Resolution Protocol)
SRV - [2009-07-14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009-07-14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009-07-14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009-07-14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009-07-14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009-07-14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009-07-14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009-07-14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009-07-14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009-07-14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-installationsprogram (AxInstSV)
SRV - [2009-07-14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009-07-14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
SRV - [2009-01-26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.danskeba...es/default.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://dk.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = da
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BE 0D 8F 61 CD 9A CA 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "BearShare Web Search"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.co...la:da:official"
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.2
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.09
FF - prefs.js..extensions.enabledItems: [email protected]:1.63.20091024
FF - prefs.js..extensions.enabledItems: [email protected]:0.9.8b
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.716
FF - prefs.js..extensions.enabledItems: [email protected]:1.1.1.0014
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.87
FF - prefs.js..extensions.enabledItems: {43505cd0-6e9a-11da-8cd6-0800200c9a66}:0.5.1
FF - prefs.js..keyword.URL: "http://www.google.co...ient&gfns=1&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010-01-28 20:25:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-01-28 19:52:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-01-30 11:24:24 | 000,000,000 | ---D | M]

[2010-01-21 20:12:25 | 000,000,000 | ---D | M] -- C:\Users\hansen\AppData\Roaming\mozilla\Extensions
[2010-02-04 17:01:08 | 000,000,000 | ---D | M] -- C:\Users\hansen\AppData\Roaming\mozilla\Firefox\Profiles\sfyqnyp0.default\extensions
[2010-01-22 18:10:51 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Users\hansen\AppData\Roaming\mozilla\Firefox\Profiles\sfyqnyp0.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2010-01-22 18:19:10 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\hansen\AppData\Roaming\mozilla\Firefox\Profiles\sfyqnyp0.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010-01-22 18:13:43 | 000,000,000 | ---D | M] (Simpler Glass) -- C:\Users\hansen\AppData\Roaming\mozilla\Firefox\Profiles\sfyqnyp0.default\extensions\{43505cd0-6e9a-11da-8cd6-0800200c9a66}
[2010-01-30 23:56:47 | 000,000,000 | ---D | M] -- C:\Users\hansen\AppData\Roaming\mozilla\Firefox\Profiles\sfyqnyp0.default\extensions\[email protected]
[2010-01-21 20:31:58 | 000,000,000 | ---D | M] -- C:\Users\hansen\AppData\Roaming\mozilla\Firefox\Profiles\sfyqnyp0.default\extensions\[email protected]
[2010-01-22 18:33:59 | 000,000,000 | ---D | M] -- C:\Users\hansen\AppData\Roaming\mozilla\Firefox\Profiles\sfyqnyp0.default\extensions\[email protected]
[2010-01-23 11:35:58 | 000,000,000 | ---D | M] -- C:\Users\hansen\AppData\Roaming\mozilla\Firefox\Profiles\sfyqnyp0.default\extensions\[email protected]
[2010-01-22 18:10:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\hansen\AppData\Roaming\mozilla\Firefox\Profiles\sfyqnyp0.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}\chrome\mozapps\extensions
[2009-12-03 10:54:24 | 000,002,476 | ---- | M] () -- C:\Users\hansen\AppData\Roaming\Mozilla\FireFox\Profiles\sfyqnyp0.default\searchplugins\BearShareWebSearch.xml
[2010-01-30 23:56:44 | 000,002,055 | ---- | M] () -- C:\Users\hansen\AppData\Roaming\Mozilla\FireFox\Profiles\sfyqnyp0.default\searchplugins\daemon-search.xml
[2010-02-04 17:01:08 | 000,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2010-01-16 02:16:05 | 000,001,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-co-uk.xml
[2009-12-03 10:54:24 | 000,002,476 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2010-01-16 02:16:05 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-da.xml
[2010-01-16 02:16:05 | 000,000,799 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-dk.xml

O1 HOSTS File: ([2009-06-10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [uTorrent] C:\program files\utorrent\utorrent .exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: danskebank.dk ([]* in Websteder, du har tillid til)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} https://netbank.dans...B/e-Safekey.cab (e-Safekey)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.150.129.4 89.150.129.10 89.150.129.4
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (app_dll.dll) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-06-10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008-03-02 00:52:10 | 000,000,000 | ---- | M] () - K:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2009-07-14 03:37:08 | 000,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

========== Files/Folders - Created Within 14 Days ==========

[2010-02-04 17:00:15 | 000,548,864 | ---- | C] (OldTimer Tools) -- C:\Users\hansen\Desktop\OTL.exe
[2010-02-04 16:59:09 | 000,000,000 | ---D | C] -- C:\Users\hansen\Desktop\bent
[2010-02-04 16:55:14 | 000,000,000 | ---D | C] -- C:\Users\hansen\Desktop\gmer
[2010-02-04 16:54:17 | 000,000,000 | ---D | C] -- C:\Users\hansen\04-02-2010
[2010-02-04 16:52:25 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010-02-04 16:47:02 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\hansen\Desktop\erunt_setup.exe
[2010-02-04 16:46:33 | 000,439,808 | ---- | C] (OldTimer Tools) -- C:\Users\hansen\Desktop\TFC.exe
[2010-02-04 16:46:02 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010-02-04 16:44:31 | 000,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\hansen\Desktop\HijackThisInstaller.exe
[2010-02-03 17:54:42 | 000,000,000 | ---D | C] -- C:\Users\hansen\DoctorWeb
[2010-02-03 17:35:23 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2010-02-03 17:33:26 | 003,370,400 | ---- | C] (Piriform Ltd) -- C:\Users\hansen\Desktop\ccsetup228.exe
[2010-02-02 17:42:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010-02-02 17:42:24 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2010-02-02 17:40:19 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\hansen\Desktop\spybotsd162.exe
[2010-02-02 12:43:10 | 000,000,000 | ---D | C] -- C:\Users\hansen\Desktop\Street+legal+Racing+Redline+-+v2.2.1+to+v2.2.1+Mwm
[2010-02-02 12:39:27 | 000,000,000 | ---D | C] -- C:\Program Files\Street Legal Racing - Redline
[2010-02-01 19:45:58 | 000,000,000 | ---D | C] -- C:\Users\hansen\Desktop\Ford_Maverick_230LE_por_nightriderbr
[2010-02-01 19:45:53 | 000,000,000 | ---D | C] -- C:\Users\hansen\Desktop\Nightrider BR New Sounds mod V1.0
[2010-02-01 19:44:22 | 000,000,000 | ---D | C] -- C:\Users\hansen\Desktop\Garage
[2010-01-31 15:30:30 | 000,000,000 | ---D | C] -- C:\Program Files\Fix-It-Up - World Tour
[2010-01-31 15:27:22 | 000,000,000 | ---D | C] -- C:\Users\hansen\Desktop\Bigfish-Fix-It-Up World Tour-by ozgurd
[2010-01-31 15:16:05 | 000,000,000 | ---D | C] -- C:\Windows\.jagex_cache_32
[2010-01-31 15:14:34 | 000,000,000 | ---D | C] -- C:\Users\hansen\Desktop\Avatar.2009.Custom.DKSubs.TELESYNC.720p.SOURCE.PAL.DVDR-UglySubbers
[2010-01-31 02:02:04 | 000,000,000 | ---D | C] -- C:\Program Files\Total Video Converter
[2010-01-31 02:01:01 | 000,000,000 | ---D | C] -- C:\Users\hansen\Desktop\Total Video Convert v3.50 + Serial Number [Andy0004]
[2010-01-31 00:06:28 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\DVD Flick
[2010-01-31 00:06:21 | 000,081,920 | ---- | C] (Marco Bellinaso) -- C:\Windows\System32\mbmouse.ocx
[2010-01-31 00:06:21 | 000,036,864 | ---- | C] (Robdogg Inc.) -- C:\Windows\System32\trayicon.ocx
[2010-01-31 00:06:21 | 000,000,000 | ---D | C] -- C:\Program Files\MKV to DVD Converter
[2010-01-30 23:56:44 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Toolbar
[2010-01-30 23:55:25 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2010-01-30 23:55:18 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\DAEMON Tools Lite
[2010-01-30 23:55:15 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010-01-30 23:53:39 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\DAEMON Tools Pro
[2010-01-30 23:53:39 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2010-01-30 23:46:45 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\dvdcss
[2010-01-30 15:11:03 | 000,000,000 | ---D | C] -- C:\Users\hansen\Desktop\Avi2dvd_temp
[2010-01-30 14:59:11 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2010-01-30 14:58:49 | 000,060,273 | ---- | C] (Open Source Software community project) -- C:\Windows\System32\pthreadGC2.dll
[2010-01-30 14:58:49 | 000,000,000 | ---D | C] -- C:\Program Files\ffdshow
[2010-01-30 14:58:14 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2010-01-30 14:57:29 | 000,000,000 | ---D | C] -- C:\Program Files\Avi2Dvd
[2010-01-30 14:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\MKVtoolnix
[2010-01-30 13:30:06 | 000,000,000 | ---D | C] -- C:\Users\hansen\Desktop\Avatar.2009.Custom.DK.TELESYNC.720P.X264-PrisM
[2010-01-30 13:26:04 | 000,000,000 | ---D | C] -- C:\Users\hansen\Desktop\nzb
[2010-01-30 00:50:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010-01-30 00:49:32 | 000,000,000 | -H-D | C] -- C:\ProgramData\~0
[2010-01-30 00:48:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2010-01-29 16:41:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010-01-29 16:41:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010-01-29 16:40:45 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Local\Adobe
[2010-01-29 16:26:33 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010-01-28 20:25:47 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010-01-28 20:25:38 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010-01-28 20:25:37 | 000,360,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010-01-28 20:25:31 | 000,333,192 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010-01-28 20:25:30 | 000,028,424 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010-01-28 20:25:22 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\Avg
[2010-01-28 20:25:10 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010-01-28 20:25:08 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010-01-28 20:20:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2010-01-28 20:02:55 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Local\Apps
[2010-01-28 19:07:16 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2010-01-28 19:06:26 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010-01-28 19:06:25 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\SUPERAntiSpyware.com
[2010-01-28 18:49:52 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\Malwarebytes
[2010-01-28 18:49:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010-01-28 18:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010-01-28 18:49:20 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010-01-28 18:49:19 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010-01-28 18:48:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2010-01-28 17:22:45 | 000,000,000 | ---D | C] -- C:\Program Files\SpeedFan
[2010-01-27 22:13:27 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010-01-27 21:04:18 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010-01-27 19:44:35 | 000,000,000 | ---D | C] -- C:\ProgramData\e-Safekey
[2010-01-25 20:52:00 | 000,000,000 | ---D | C] -- C:\Program Files\Street Legal Racing1
[2010-01-24 19:56:43 | 000,679,936 | ---- | C] (Generated by JEDI) -- C:\Windows\System32\D3DX81ab.dll
[2010-01-24 19:56:36 | 000,000,000 | ---D | C] -- C:\Program Files\Cheat Engine
[2010-01-24 14:15:51 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\World-Loom
[2010-01-23 23:39:15 | 000,000,000 | ---D | C] -- C:\Users\hansen\Desktop\div
[2010-01-23 23:25:30 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\vlc
[2010-01-23 23:23:25 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2010-01-23 23:17:32 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\FrostWire
[2010-01-23 23:16:50 | 000,000,000 | ---D | C] -- C:\Program Files\FrostWire
[2010-01-23 17:22:20 | 000,483,328 | ---- | C] (SoftShape Development) -- C:\Windows\System32\actskn45.ocx
[2010-01-23 16:45:33 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010-01-23 16:43:27 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\uTorrent
[2010-01-22 20:27:10 | 000,000,000 | ---D | C] -- C:\ProgramData\FarmFrenzy3_America
[2010-01-22 20:26:48 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\AlawarWrapper
[2010-01-22 20:26:48 | 000,000,000 | ---D | C] -- C:\ProgramData\AlawarWrapper
[2010-01-22 20:26:34 | 000,000,000 | ---D | C] -- C:\Windows\Farm Frenzy 3 American Pie
[2010-01-22 20:26:34 | 000,000,000 | ---D | C] -- C:\Program Files\Farm Frenzy 3 American Pie
[2010-01-22 19:06:50 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\ImgBurn
[2010-01-22 18:38:06 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Local\ElevatedDiagnostics
[2010-01-22 18:05:56 | 000,000,000 | ---D | C] -- C:\Program Files\ImgBurn
[2010-01-22 18:04:35 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\WinRAR
[2010-01-22 18:04:13 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010-01-22 18:02:08 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2010-01-22 18:02:03 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2010-01-22 04:50:29 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010-01-22 04:33:46 | 000,000,000 | ---D | C] -- C:\Windows.old
[2010-01-21 22:20:10 | 000,000,000 | ---D | C] -- C:\Users\hansen\klar
[2010-01-21 22:18:17 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\GrabIt
[2010-01-21 22:16:55 | 000,000,000 | ---D | C] -- C:\Program Files\GrabIt
[2010-01-21 22:10:08 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\SuperNZB
[2010-01-21 22:10:05 | 000,935,424 | ---- | C] (J.C. Kessels) -- C:\Windows\System32\MyDefragScreenSaver.exe
[2010-01-21 22:10:03 | 000,000,000 | ---D | C] -- C:\Program Files\MyDefrag v4.2.7
[2010-01-21 22:08:05 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2010-01-21 22:07:42 | 000,000,000 | ---D | C] -- C:\Intel
[2010-01-21 22:04:46 | 000,000,000 | ---D | C] -- C:\Program Files\Setup Files
[2010-01-21 22:01:26 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2010-01-21 22:01:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010-01-21 22:01:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010-01-21 22:00:54 | 000,000,000 | ---D | C] -- C:\Program Files\MSI
[2010-01-21 21:59:49 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010-01-21 21:22:45 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\Macromedia
[2010-01-21 21:22:45 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\Adobe
[2010-01-21 21:22:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010-01-21 20:57:23 | 000,000,000 | ---D | C] -- C:\Users\hansen\Tracing
[2010-01-21 20:56:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2010-01-21 20:55:59 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2010-01-21 20:55:49 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010-01-21 20:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive
[2010-01-21 20:55:18 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010-01-21 20:54:59 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010-01-21 20:49:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2010-01-21 20:47:27 | 000,000,000 | ---D | C] -- C:\Windows\da-DK
[2010-01-21 20:47:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\XPSViewer
[2010-01-21 20:47:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\da-DK
[2010-01-21 20:46:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\da
[2010-01-21 20:41:09 | 000,003,584 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\System32\drivers\da-DK\pscr.sys.mui
[2010-01-21 20:41:04 | 000,033,280 | ---- | C] (Marvell) -- C:\Windows\System32\drivers\da-DK\yk62x86.sys.mui
[2010-01-21 20:40:28 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\da-DK\BrSerIb.sys.mui
[2010-01-21 20:40:28 | 000,010,240 | ---- | C] (Agere Systems) -- C:\Windows\System32\drivers\da-DK\ltmdmnt.sys.mui
[2010-01-21 20:40:26 | 000,010,240 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\da-DK\BrSerId.sys.mui
[2010-01-21 20:40:26 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\drivers\da-DK\BrParwdm.sys.mui
[2010-01-21 20:38:52 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Local\Microsoft Games
[2010-01-21 20:38:28 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010-01-21 20:23:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010-01-21 20:23:30 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010-01-21 20:12:18 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\Mozilla
[2010-01-21 20:12:18 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Local\Mozilla
[2010-01-21 20:11:57 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2010-01-21 20:03:39 | 000,000,000 | R--D | C] -- C:\Users\hansen\Searches
[2010-01-21 20:03:31 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\Identities
[2010-01-21 20:03:29 | 000,000,000 | R--D | C] -- C:\Users\hansen\Contacts
[2010-01-21 20:03:24 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Local\VirtualStore
[2010-01-21 20:03:22 | 000,000,000 | --SD | C] -- C:\Users\hansen\AppData\Roaming\Microsoft
[2010-01-21 20:03:22 | 000,000,000 | R--D | C] -- C:\Users\hansen\Videos
[2010-01-21 20:03:22 | 000,000,000 | R--D | C] -- C:\Users\hansen\Saved Games
[2010-01-21 20:03:22 | 000,000,000 | R--D | C] -- C:\Users\hansen\Pictures
[2010-01-21 20:03:22 | 000,000,000 | R--D | C] -- C:\Users\hansen\Music
[2010-01-21 20:03:22 | 000,000,000 | R--D | C] -- C:\Users\hansen\Links
[2010-01-21 20:03:22 | 000,000,000 | R--D | C] -- C:\Users\hansen\Favorites
[2010-01-21 20:03:22 | 000,000,000 | R--D | C] -- C:\Users\hansen\Downloads
[2010-01-21 20:03:22 | 000,000,000 | R--D | C] -- C:\Users\hansen\Documents
[2010-01-21 20:03:22 | 000,000,000 | R--D | C] -- C:\Users\hansen\Desktop
[2010-01-21 20:03:22 | 000,000,000 | -HSD | C] -- C:\Users\hansen\AppData\Local\Temporary Internet Files
[2010-01-21 20:03:22 | 000,000,000 | -HSD | C] -- C:\Users\hansen\Templates
[2010-01-21 20:03:22 | 000,000,000 | -HSD | C] -- C:\Users\hansen\Start Menu
[2010-01-21 20:03:22 | 000,000,000 | -HSD | C] -- C:\Users\hansen\SendTo
[2010-01-21 20:03:22 | 000,000,000 | -HSD | C] -- C:\Users\hansen\Recent
[2010-01-21 20:03:22 | 000,000,000 | -HSD | C] -- C:\Users\hansen\PrintHood
[2010-01-21 20:03:22 | 000,000,000 | -HSD | C] -- C:\Users\hansen\NetHood
[2010-01-21 20:03:22 | 000,000,000 | -HSD | C] -- C:\Users\hansen\Documents\My Videos
[2010-01-21 20:03:22 | 000,000,000 | -HSD | C] -- C:\Users\hansen\Documents\My Pictures
[2010-01-21 20:03:22 | 000,000,000 | -HSD | C] -- C:\Users\hansen\Documents\My Music
[2010-01-21 20:03:22 | 000,000,000 | -HSD | C] -- C:\Users\hansen\My Documents
[2010-01-21 20:03:22 | 000,000,000 | -HSD | C] -- C:\Users\hansen\Local Settings
[2010-01-21 20:03:22 | 000,000,000 | -HSD | C] -- C:\Users\hansen\AppData\Local\History
[2010-01-21 20:03:22 | 000,000,000 | -HSD | C] -- C:\Users\hansen\Cookies
[2010-01-21 20:03:22 | 000,000,000 | -HSD | C] -- C:\Users\hansen\Application Data
[2010-01-21 20:03:22 | 000,000,000 | -HSD | C] -- C:\Users\hansen\AppData\Local\Application Data
[2010-01-21 20:03:22 | 000,000,000 | -H-D | C] -- C:\Users\hansen\AppData
[2010-01-21 20:03:22 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Local\Temp
[2010-01-21 20:03:22 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Local\Microsoft
[2010-01-21 20:03:22 | 000,000,000 | ---D | C] -- C:\Users\hansen\AppData\Roaming\Media Center Programs
[2010-01-21 20:03:04 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010-01-21 19:54:27 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010-01-21 19:52:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2010-01-21 19:52:19 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

========== Files - Modified Within 14 Days ==========

[2010-02-04 17:17:46 | 001,572,864 | -HS- | M] () -- C:\Users\hansen\NTUSER.DAT
[2010-02-04 17:00:15 | 000,548,864 | ---- | M] (OldTimer Tools) -- C:\Users\hansen\Desktop\OTL.exe
[2010-02-04 17:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At42.job
[2010-02-04 16:57:01 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010-02-04 16:57:01 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010-02-04 16:54:57 | 000,284,915 | ---- | M] () -- C:\Users\hansen\Desktop\gmer.zip
[2010-02-04 16:52:32 | 000,000,894 | ---- | M] () -- C:\Users\hansen\Desktop\NTREGOPT.lnk
[2010-02-04 16:52:32 | 000,000,875 | ---- | M] () -- C:\Users\hansen\Desktop\ERUNT.lnk
[2010-02-04 16:51:02 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010-02-04 16:51:02 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 4).job
[2010-02-04 16:51:02 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 3).job
[2010-02-04 16:51:02 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 2).job
[2010-02-04 16:51:02 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Daily 1).job
[2010-02-04 16:49:38 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010-02-04 16:49:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010-02-04 16:49:11 | 1610,162,176 | -HS- | M] () -- C:\hiberfil.sys
[2010-02-04 16:47:03 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\hansen\Desktop\erunt_setup.exe
[2010-02-04 16:46:33 | 000,439,808 | ---- | M] (OldTimer Tools) -- C:\Users\hansen\Desktop\TFC.exe
[2010-02-04 16:44:31 | 000,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\hansen\Desktop\HijackThisInstaller.exe
[2010-02-04 16:24:45 | 001,240,086 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010-02-04 16:24:45 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010-02-04 16:24:45 | 000,461,056 | ---- | M] () -- C:\Windows\System32\perfh006.dat
[2010-02-04 16:24:45 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010-02-04 16:24:45 | 000,076,548 | ---- | M] () -- C:\Windows\System32\perfc006.dat
[2010-02-04 16:18:11 | 002,018,279 | -H-- | M] () -- C:\Users\hansen\AppData\Local\IconCache.db
[2010-02-04 16:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At41.job
[2010-02-04 15:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At40.job
[2010-02-04 14:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At39.job
[2010-02-04 13:00:20 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At38.job
[2010-02-04 12:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At37.job
[2010-02-04 11:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At36.job
[2010-02-04 10:00:01 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At35.job
[2010-02-04 09:13:43 | 055,061,357 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010-02-04 09:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At34.job
[2010-02-04 08:00:09 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At9.job
[2010-02-04 07:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At8.job
[2010-02-04 06:00:22 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At7.job
[2010-02-04 05:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At6.job
[2010-02-04 04:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At5.job
[2010-02-04 03:00:11 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At4.job
[2010-02-04 02:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At3.job
[2010-02-04 01:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At2.job
[2010-02-04 00:04:00 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At1.job
[2010-02-03 22:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At47.job
[2010-02-03 21:00:19 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At46.job
[2010-02-03 20:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At45.job
[2010-02-03 19:40:32 | 000,007,598 | ---- | M] () -- C:\Users\hansen\AppData\Local\resmon.resmoncfg
[2010-02-03 19:00:02 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At44.job
[2010-02-03 18:00:01 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At43.job
[2010-02-03 17:53:07 | 029,573,632 | ---- | M] () -- C:\Users\hansen\Desktop\drweb-cureit.exe
[2010-02-03 17:42:37 | 000,014,508 | ---- | M] () -- C:\Users\hansen\Documents\cc_20100203_174140.reg
[2010-02-03 17:35:25 | 000,001,831 | ---- | M] () -- C:\Users\hansen\Desktop\CCleaner.lnk
[2010-02-03 17:33:27 | 003,370,400 | ---- | M] (Piriform Ltd) -- C:\Users\hansen\Desktop\ccsetup228.exe
[2010-02-02 17:42:34 | 000,001,216 | ---- | M] () -- C:\Users\hansen\Desktop\Spybot - Search & Destroy.lnk
[2010-02-02 17:40:32 | 016,409,960 | ---- | M] (Safer Networking Limited ) -- C:\Users\hansen\Desktop\spybotsd162.exe
[2010-02-02 13:08:11 | 000,002,165 | ---- | M] () -- C:\Users\Public\Desktop\Street Legal Racing - Redline.lnk
[2010-02-02 12:27:53 | 037,650,093 | ---- | M] () -- C:\Users\hansen\Desktop\Street+legal+Racing+Redline+-+v2.2.1+to+v2.2.1+Mwm.rar
[2010-02-02 12:17:47 | 000,001,583 | ---- | M] () -- C:\Users\hansen\Desktop\StreetLegal_Redline - Genvej.lnk
[2010-02-01 19:19:31 | 002,843,536 | ---- | M] () -- C:\Users\hansen\Desktop\Ford_Maverick_230LE_por_nightriderbr.rar
[2010-02-01 19:18:10 | 000,025,106 | ---- | M] () -- C:\Users\hansen\Desktop\Garage.rar
[2010-02-01 19:17:23 | 013,649,483 | ---- | M] () -- C:\Users\hansen\Desktop\Nightrider BR New Sounds mod V1.0.rar
[2010-01-31 15:31:27 | 000,004,096 | ---- | M] () -- C:\Windows\d3dx.dat
[2010-01-31 10:05:19 | 000,057,952 | ---- | M] () -- C:\Users\hansen\AppData\Local\GDIPFONTCACHEV1.DAT
[2010-01-31 10:04:57 | 000,267,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010-01-31 02:02:11 | 000,000,947 | ---- | M] () -- C:\Users\hansen\Desktop\Total Video Player.lnk
[2010-01-31 02:02:11 | 000,000,947 | ---- | M] () -- C:\Users\hansen\Desktop\Total Video Converter.lnk
[2010-01-31 00:06:24 | 000,001,003 | ---- | M] () -- C:\Users\Public\Desktop\MKV to DVD Convert.lnk
[2010-01-30 23:56:24 | 000,001,896 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010-01-30 23:55:52 | 000,691,696 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010-01-30 15:20:28 | 000,004,608 | ---- | M] () -- C:\Users\hansen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-01-30 14:57:30 | 000,000,949 | ---- | M] () -- C:\Users\hansen\Desktop\Avi2Dvd.lnk
[2010-01-30 14:44:46 | 330,444,013 | ---- | M] () -- C:\Users\hansen\Desktop\Prismavatar.mkv
[2010-01-30 14:38:36 | 000,001,834 | ---- | M] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2010-01-28 20:25:38 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
[2010-01-28 20:25:37 | 000,360,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2010-01-28 20:25:31 | 000,333,192 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgldx86.sys
[2010-01-28 20:25:30 | 000,113,461 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010-01-28 20:25:30 | 000,028,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgmfx86.sys
[2010-01-28 20:25:22 | 006,061,540 | ---- | M] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2010-01-28 20:25:22 | 000,492,629 | ---- | M] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2010-01-28 20:25:22 | 000,142,495 | ---- | M] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2010-01-28 19:53:53 | 000,001,237 | ---- | M] () -- C:\Users\hansen\Desktop\taskmgr.lnk
[2010-01-28 18:53:06 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\At48.job
[2010-01-28 17:22:45 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo
[2010-01-28 03:27:43 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\At33.job
[2010-01-27 22:11:42 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\At13.job
[2010-01-27 22:11:41 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\At12.job
[2010-01-27 22:11:40 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\At11.job
[2010-01-27 22:11:32 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\At10.job
[2010-01-23 17:35:16 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010-01-22 20:26:44 | 000,002,079 | ---- | M] () -- C:\Users\hansen\Desktop\Farm Frenzy 3 American Pie.lnk
[2010-01-22 04:50:17 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010-01-22 04:50:16 | 000,000,477 | RHS- | M] () -- C:\Boot.ini.saved
[2010-01-21 20:45:36 | 000,306,636 | ---- | M] () -- C:\Windows\System32\perfi006.dat
[2010-01-21 20:45:36 | 000,039,236 | ---- | M] () -- C:\Windows\System32\perfd006.dat
[2010-01-21 20:14:50 | 000,438,840 | RHS- | M] () -- C:\bootxe2
[2010-01-21 20:14:50 | 000,171,136 | RHS- | M] () -- C:\XELD2
[2010-01-21 20:14:50 | 000,009,216 | RHS- | M] () -- C:\XELD2.1st
[2010-01-21 20:07:57 | 000,524,288 | -HS- | M] () -- C:\Users\hansen\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010-01-21 20:07:57 | 000,524,288 | -HS- | M] () -- C:\Users\hansen\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010-01-21 20:07:57 | 000,065,536 | -HS- | M] () -- C:\Users\hansen\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010-01-21 20:03:22 | 000,000,020 | -HS- | M] () -- C:\Users\hansen\ntuser.ini
[2010-01-21 19:56:57 | 000,042,045 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010-01-21 19:56:57 | 000,000,367 | RHS- | M] () -- C:\boot.ini
[2010-01-21 19:53:50 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf

========== Files Created - No Company Name ==========

[2010-02-04 16:54:56 | 000,284,915 | ---- | C] () -- C:\Users\hansen\Desktop\gmer.zip
[2010-02-04 16:52:32 | 000,000,894 | ---- | C] () -- C:\Users\hansen\Desktop\NTREGOPT.lnk
[2010-02-04 16:52:32 | 000,000,875 | ---- | C] () -- C:\Users\hansen\Desktop\ERUNT.lnk
[2010-02-04 16:51:02 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2010-02-04 16:51:02 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 4).job
[2010-02-04 16:51:02 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 3).job
[2010-02-04 16:51:02 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 2).job
[2010-02-04 16:51:02 | 000,000,370 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Daily 1).job
[2010-02-03 17:52:47 | 029,573,632 | ---- | C] () -- C:\Users\hansen\Desktop\drweb-cureit.exe
[2010-02-03 17:41:51 | 000,014,508 | ---- | C] () -- C:\Users\hansen\Documents\cc_20100203_174140.reg
[2010-02-03 17:35:25 | 000,001,831 | ---- | C] () -- C:\Users\hansen\Desktop\CCleaner.lnk
[2010-02-02 17:42:34 | 000,001,216 | ---- | C] () -- C:\Users\hansen\Desktop\Spybot - Search & Destroy.lnk
[2010-02-02 13:08:11 | 000,002,165 | ---- | C] () -- C:\Users\Public\Desktop\Street Legal Racing - Redline.lnk
[2010-02-02 12:25:17 | 037,650,093 | ---- | C] () -- C:\Users\hansen\Desktop\Street+legal+Racing+Redline+-+v2.2.1+to+v2.2.1+Mwm.rar
[2010-02-02 12:17:47 | 000,001,583 | ---- | C] () -- C:\Users\hansen\Desktop\StreetLegal_Redline - Genvej.lnk
[2010-02-01 19:19:28 | 002,843,536 | ---- | C] () -- C:\Users\hansen\Desktop\Ford_Maverick_230LE_por_nightriderbr.rar
[2010-02-01 19:18:09 | 000,025,106 | ---- | C] () -- C:\Users\hansen\Desktop\Garage.rar
[2010-02-01 19:16:49 | 013,649,483 | ---- | C] () -- C:\Users\hansen\Desktop\Nightrider BR New Sounds mod V1.0.rar
[2010-01-31 15:31:27 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010-01-31 02:02:11 | 000,000,947 | ---- | C] () -- C:\Users\hansen\Desktop\Total Video Player.lnk
[2010-01-31 02:02:11 | 000,000,947 | ---- | C] () -- C:\Users\hansen\Desktop\Total Video Converter.lnk
[2010-01-31 00:06:24 | 000,001,003 | ---- | C] () -- C:\Users\Public\Desktop\MKV to DVD Convert.lnk
[2010-01-30 23:56:24 | 000,001,896 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2010-01-30 23:55:52 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010-01-30 15:05:06 | 000,004,608 | ---- | C] () -- C:\Users\hansen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010-01-30 15:01:19 | 330,444,013 | ---- | C] () -- C:\Users\hansen\Desktop\Prismavatar.mkv
[2010-01-30 14:59:11 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010-01-30 14:59:11 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010-01-30 14:59:11 | 000,077,824 | ---- | C] () -- C:\Windows\System32\xvid.ax
[2010-01-30 14:58:50 | 000,084,480 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010-01-30 14:57:30 | 000,000,949 | ---- | C] () -- C:\Users\hansen\Desktop\Avi2Dvd.lnk
[2010-01-30 14:38:36 | 000,001,834 | ---- | C] () -- C:\Users\Public\Desktop\mkvmerge GUI.lnk
[2010-01-28 20:25:30 | 000,113,461 | ---- | C] () -- C:\Windows\System32\drivers\Avg\iavichjw.avm
[2010-01-28 20:25:22 | 055,061,357 | ---- | C] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010-01-28 20:25:22 | 006,061,540 | ---- | C] () -- C:\Windows\System32\drivers\Avg\avi7.avg
[2010-01-28 20:25:22 | 000,492,629 | ---- | C] () -- C:\Windows\System32\drivers\Avg\miniavi.avg
[2010-01-28 20:25:22 | 000,142,495 | ---- | C] () -- C:\Windows\System32\drivers\Avg\microavi.avg
[2010-01-28 19:53:48 | 000,001,237 | ---- | C] () -- C:\Users\hansen\Desktop\taskmgr.lnk
[2010-01-28 18:53:03 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At48.job
[2010-01-28 18:53:01 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At47.job
[2010-01-28 18:52:54 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At46.job
[2010-01-28 18:52:46 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At45.job
[2010-01-28 18:52:45 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At44.job
[2010-01-28 18:52:45 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At43.job
[2010-01-28 18:52:42 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At42.job
[2010-01-28 18:52:40 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At41.job
[2010-01-28 18:52:39 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At40.job
[2010-01-28 18:52:31 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At39.job
[2010-01-28 18:52:30 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At38.job
[2010-01-28 18:52:27 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At37.job
[2010-01-28 18:52:27 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At36.job
[2010-01-28 18:52:26 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At35.job
[2010-01-28 18:52:25 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At34.job
[2010-01-28 18:51:56 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At9.job
[2010-01-28 18:51:20 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At8.job
[2010-01-28 18:51:10 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At7.job
[2010-01-28 18:50:57 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At6.job
[2010-01-28 17:45:46 | 000,007,598 | ---- | C] () -- C:\Users\hansen\AppData\Local\resmon.resmoncfg
[2010-01-28 17:44:42 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At5.job
[2010-01-28 17:43:23 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At4.job
[2010-01-28 17:43:15 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At3.job
[2010-01-28 17:43:12 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At2.job
[2010-01-28 17:43:09 | 000,000,358 | ---- | C] () -- C:\Windows\tasks\At1.job
[2010-01-28 17:22:43 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo
[2010-01-28 17:12:34 | 1610,162,176 | -HS- | C] () -- C:\hiberfil.sys
[2010-01-28 03:27:43 | 000,000,290 | ---- | C] () -- C:\Windows\tasks\At33.job
[2010-01-27 22:11:42 | 000,000,312 | ---- | C] () -- C:\Windows\tasks\At13.job
[2010-01-27 22:11:40 | 000,000,380 | ---- | C] () -- C:\Windows\tasks\At12.job
[2010-01-27 22:11:32 | 000,000,380 | ---- | C] () -- C:\Windows\tasks\At11.job
[2010-01-27 22:11:24 | 000,000,380 | ---- | C] () -- C:\Windows\tasks\At10.job
[2010-01-24 19:56:44 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2010-01-23 17:35:16 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010-01-23 17:22:50 | 000,076,407 | ---- | C] () -- C:\Users\hansen\AppData\Roaming\Smiley.ico
[2010-01-22 20:26:44 | 000,002,079 | ---- | C] () -- C:\Users\hansen\Desktop\Farm Frenzy 3 American Pie.lnk
[2010-01-22 04:50:17 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010-01-21 22:10:04 | 000,093,696 | ---- | C] () -- C:\Windows\System32\MyDefragScreenSaver.scr
[2010-01-21 20:48:33 | 000,461,056 | ---- | C] () -- C:\Windows\System32\perfh006.dat
[2010-01-21 20:48:33 | 000,306,636 | ---- | C] () -- C:\Windows\System32\perfi006.dat
[2010-01-21 20:48:33 | 000,076,548 | ---- | C] () -- C:\Windows\System32\perfc006.dat
[2010-01-21 20:48:33 | 000,039,236 | ---- | C] () -- C:\Windows\System32\perfd006.dat
[2010-01-21 20:14:50 | 000,438,840 | RHS- | C] () -- C:\bootxe2
[2010-01-21 20:14:50 | 000,171,136 | RHS- | C] () -- C:\XELD2
[2010-01-21 20:14:50 | 000,009,216 | RHS- | C] () -- C:\XELD2.1st
[2010-01-21 20:03:22 | 001,572,864 | -HS- | C] () -- C:\Users\hansen\NTUSER.DAT
[2010-01-21 20:03:22 | 000,524,288 | -HS- | C] () -- C:\Users\hansen\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2010-01-21 20:03:22 | 000,524,288 | -HS- | C] () -- C:\Users\hansen\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010-01-21 20:03:22 | 000,065,536 | -HS- | C] () -- C:\Users\hansen\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010-01-21 20:03:22 | 000,000,020 | -HS- | C] () -- C:\Users\hansen\ntuser.ini
[2010-01-21 19:53:50 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2009-07-14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009-07-14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009-04-14 07:43:32 | 000,154,144 | ---- | C] () -- C:\Windows\System32\RTLCPAPI.dll
[1996-04-03 20:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

========== LOP Check ==========

[2010-01-31 00:03:08 | 000,000,000 | ---D | M] -- C:\Users\hansen\AppData\Roaming\DAEMON Tools Lite
[2010-01-30 23:53:39 | 000,000,000 | ---D | M] -- C:\Users\hansen\AppData\Roaming\DAEMON Tools Pro
[2010-01-23 23:39:03 | 000,000,000 | ---D | M] -- C:\Users\hansen\AppData\Roaming\FrostWire
[2010-01-26 21:46:59 | 000,000,000 | ---D | M] -- C:\Users\hansen\AppData\Roaming\GrabIt
[2010-01-22 19:47:04 | 000,000,000 | ---D | M] -- C:\Users\hansen\AppData\Roaming\ImgBurn
[2010-01-21 22:15:41 | 000,000,000 | ---D | M] -- C:\Users\hansen\AppData\Roaming\SuperNZB
[2010-02-04 17:18:22 | 000,000,000 | ---D | M] -- C:\Users\hansen\AppData\Roaming\uTorrent
[2010-01-24 14:15:51 | 000,000,000 | ---D | M] -- C:\Users\hansen\AppData\Roaming\World-Loom
[2010-02-04 16:51:02 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 1).job
[2010-02-04 16:51:02 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 2).job
[2010-02-04 16:51:02 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 3).job
[2010-02-04 16:51:02 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Daily 4).job
[2010-02-04 16:51:02 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2010-02-04 00:04:00 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2010-01-27 22:11:32 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\At10.job
[2010-01-27 22:11:40 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\At11.job
[2010-01-27 22:11:41 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\At12.job
[2010-01-27 22:11:42 | 000,000,312 | ---- | M] () -- C:\Windows\Tasks\At13.job
[2010-02-04 01:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2010-02-04 02:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At3.job
[2010-01-28 03:27:43 | 000,000,290 | ---- | M] () -- C:\Windows\Tasks\At33.job
[2010-02-04 09:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At34.job
[2010-02-04 10:00:01 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At35.job
[2010-02-04 11:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At36.job
[2010-02-04 12:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At37.job
[2010-02-04 13:00:20 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At38.job
[2010-02-04 14:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At39.job
[2010-02-04 03:00:11 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At4.job
[2010-02-04 15:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At40.job
[2010-02-04 16:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At41.job
[2010-02-04 17:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At42.job
[2010-02-03 18:00:01 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At43.job
[2010-02-03 19:00:02 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At44.job
[2010-02-03 20:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At45.job
[2010-02-03 21:00:19 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At46.job
[2010-02-03 22:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At47.job
[2010-01-28 18:53:06 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At48.job
[2010-02-04 04:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At5.job
[2010-02-04 05:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At6.job
[2010-02-04 06:00:22 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At7.job
[2010-02-04 07:00:00 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At8.job
[2010-02-04 08:00:09 | 000,000,358 | ---- | M] () -- C:\Windows\Tasks\At9.job
[2010-01-28 20:29:39 | 000,009,540 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2009-08-08 19:34:35 | 003,929,376 | ---- | M] (Blitware ) -- C:\DriverRobot_Setup.exe
[2009-10-07 07:21:25 | 000,925,897 | ---- | M] (WipeSoft ) -- C:\file_shredder_setup.exe
[2009-07-22 16:56:25 | 027,917,616 | ---- | M] () -- C:\snagit.exe
[2009-08-02 17:00:06 | 018,015,723 | ---- | M] () -- C:\vlc-1.0.1-win32.exe


< MD5 for: AGP440.SYS >
[2009-07-14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009-07-14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009-07-14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2010-02-04 16:19:45 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009-07-14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009-07-14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009-07-14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009-07-14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2009-07-14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009-07-14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009-07-14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009-07-14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009-07-14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009-07-14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009-07-14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009-07-14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009-07-14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009-07-14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010-01-30 23:55:52 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys

< %systemroot%\System32\config\*.sav >

< End of report >


extras:

OTL Extras logfile created on: 04-02-2010 17:16:13 - Run 1
OTL by OldTimer - Version 3.1.27.1 Folder = C:\Users\hansen\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000406 | Country: Danmark | Language: DAN | Date Format: dd-MM-yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 55,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,50 Gb Total Space | 724,43 Gb Free Space | 77,77% Space Free | Partition Type: NTFS
Drive D: | 149,05 Gb Total Space | 14,85 Gb Free Space | 9,96% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
Drive F: | 465,76 Gb Total Space | 237,30 Gb Free Space | 50,95% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 232,88 Gb Total Space | 134,02 Gb Free Space | 57,55% Space Free | Partition Type: NTFS
Drive L: | 1,86 Gb Total Space | 0,74 Gb Free Space | 40,06% Space Free | Partition Type: FAT32

Computer Name: HANSEN-PC
Current User Name: hansen
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java™ 6 Update 18
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AC76BA86-7AD7-1030-7B44-A93000000001}" = Adobe Reader 9.3 - Dansk
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BC043E6C-A31C-468E-A699-8B1073A4C6FE}" = Street Legal Racing - Redline
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Professional
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{E82FBDF4-8C05-4513-B8D8-2331135ECA22}_is1" = MKV to DVD Converter
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVG9Uninstall" = AVG Free 9.0
"Avi2Dvd" = Avi2Dvd 0.5
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"ERUNT_is1" = ERUNT 1.1j
"Farm Frenzy 3 American Pie1.0" = Farm Frenzy 3 American Pie
"ffdshow_is1" = ffdshow [rev 2844] [2009-03-30]
"Fix-It-Up - World Tour_is1" = Fix-It-Up - World Tour
"FrostWire" = FrostWire 4.18.6
"GrabIt_is1" = GrabIt 1.7.2 Beta 4 (build 997)
"ImgBurn" = ImgBurn
"Liveupdate4_is1" = Liveupdate4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MKVtoolnix" = MKVtoolnix 3.1.0
"Mozilla Firefox (3.6)" = Mozilla Firefox (3.6)
"MyDefrag v4.2.7_is1" = MyDefrag v4.2.7
"NVIDIA Drivers" = NVIDIA Drivers
"SpeedFan" = SpeedFan (remove only)
"Total Video Converter 3.50_is1" = Total Video Converter 3.50
"VLC media player" = VLC media player 1.0.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR arkivering
"Xvid_is1" = Xvid 1.2.1 final uninstall

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 30-01-2010 18:55:27 | Computer Name = hansen-PC | Source = VSS | ID = 8194
Description =

Error - 30-01-2010 19:44:02 | Computer Name = hansen-PC | Source = Application Error | ID = 1000
Description = Navn på program med fejl: StreetLegal_Redline.exe, version: 2.3.0.3,
tidsstempel: 0x420765d4 Navn på modul med fejl: d3d9.dll, version: 6.1.7600.16385,
tidsstempel: 0x4a5bd9a9 Undtagelseskode: 0xc0000005 Forskydning med fejl 0x00025abe
Proces-id
0x48c Programmets starttidspunkt 0x01caa20113acc1a8 Programsti: C:\Program Files\Street
Legal Racing\StreetLegal_Redline.exe Modulsti: C:\Windows\system32\d3d9.dll Rapport-id:
578004f7-0df9-11df-a0ad-0019db2065e4

Error - 31-01-2010 04:53:36 | Computer Name = hansen-PC | Source = Application Hang | ID = 1002
Description = Programmet iexplore.exe version 8.0.7600.16385 afbrød kommunikationen
med Windows og blev afsluttet. Hvis du vil se, om der findes flere oplysninger
om problemet, kan du læse om problemets historik via Løsningscenter. Proces-id: f18

Starttidspunkt:
01caa2189aa7e602 Afslutningstidspunkt: 391 Programsti: C:\Program Files\Internet
Explorer\iexplore.exe Rapport-id:

Error - 31-01-2010 10:10:39 | Computer Name = hansen-PC | Source = Application Error | ID = 1000
Description = Navn på program med fejl: StreetLegal_Redline.exe, version: 2.3.0.3,
tidsstempel: 0x420765d4 Navn på modul med fejl: d3d9.dll, version: 6.1.7600.16385,
tidsstempel: 0x4a5bd9a9 Undtagelseskode: 0xc0000005 Forskydning med fejl 0x00088b16
Proces-id
0x150 Programmets starttidspunkt 0x01caa27bc33ba3a3 Programsti: C:\Program Files\Street
Legal Racing\StreetLegal_Redline.exe Modulsti: C:\Windows\system32\d3d9.dll Rapport-id:
68a2823d-0e72-11df-9122-0019db2065e4

Error - 01-02-2010 15:07:24 | Computer Name = hansen-PC | Source = Application Error | ID = 1000
Description = Navn på program med fejl: StreetLegal_Redline.exe, version: 2.3.0.3,
tidsstempel: 0x420765d4 Navn på modul med fejl: StreetLegal_Redline.exe, version:
2.3.0.3, tidsstempel: 0x420765d4 Undtagelseskode: 0xc0000005 Forskydning med fejl
0x00023064 Proces-id 0x1588 Programmets starttidspunkt 0x01caa3708b9a127e Programsti:
C:\Program Files\Street Legal Racing\StreetLegal_Redline.exe Modulsti: C:\Program
Files\Street Legal Racing\StreetLegal_Redline.exe Rapport-id: 0737bdc0-0f65-11df-a998-0019db2065e4

Error - 02-02-2010 08:21:08 | Computer Name = hansen-PC | Source = Application Error | ID = 1000
Description = Navn på program med fejl: StreetLegal_Redline.exe, version: 2.2.1.0,
tidsstempel: 0x420765d4 Navn på modul med fejl: StreetLegal_Redline.exe, version:
2.2.1.0, tidsstempel: 0x420765d4 Undtagelseskode: 0xc0000005 Forskydning med fejl
0x0004faeb Proces-id 0x88c Programmets starttidspunkt 0x01caa401dea79576 Programsti:
C:\Program Files\Street Legal Racing - Redline\StreetLegal_Redline.exe Modulsti:
C:\Program Files\Street Legal Racing - Redline\StreetLegal_Redline.exe Rapport-id:
70694df4-0ff5-11df-a03c-0019db2065e4

Error - 02-02-2010 12:45:38 | Computer Name = hansen-PC | Source = Lavasoft Ad-Aware Service | ID = 0
Description =

Error - 02-02-2010 14:27:31 | Computer Name = hansen-PC | Source = Application Error | ID = 1000
Description = Navn på program med fejl: StreetLegal_Redline.exe, version: 2.3.0.3,
tidsstempel: 0x420765d4 Navn på modul med fejl: d3d9.dll, version: 6.1.7600.16385,
tidsstempel: 0x4a5bd9a9 Undtagelseskode: 0xc0000005 Forskydning med fejl 0x0000ee8f
Proces-id
0xfb8 Programmets starttidspunkt 0x01caa431ad715bff Programsti: C:\Program Files\Street
Legal Racing1\StreetLegal_Redline.exe Modulsti: C:\Windows\system32\d3d9.dll Rapport-id:
9f596bcd-1028-11df-9fb1-0019db2065e4

Error - 03-02-2010 12:39:32 | Computer Name = hansen-PC | Source = Application Error | ID = 1000
Description = Navn på program med fejl: firefox.exe, version: 1.9.2.3667, tidsstempel:
0x4b5102f0 Navn på modul med fejl: DTToolbarFF.dll, version: 1.1.1.14, tidsstempel:
0x4b0bfe0f Undtagelseskode: 0xc000000d Forskydning med fejl 0x0009c0e6 Proces-id 0x7dc
Programmets
starttidspunkt 0x01caa4e620a1fb86 Programsti: C:\Program Files\Mozilla Firefox\firefox.exe
Modulsti:
C:\Users\hansen\AppData\Roaming\Mozilla\Firefox\Profiles\sfyqnyp0.default\extensions\[email protected]\components\DTToolbarFF.dll
Rapport-id:
b3d8b33b-10e2-11df-960b-0019db2065e4

Error - 03-02-2010 14:34:20 | Computer Name = hansen-PC | Source = Application Error | ID = 1000
Description = Navn på program med fejl: StreetLegal_Redline.exe, version: 2.3.0.3,
tidsstempel: 0x420765d4 Navn på modul med fejl: StreetLegal_Redline.exe, version:
2.3.0.3, tidsstempel: 0x420765d4 Undtagelseskode: 0xc0000005 Forskydning med fejl
0x00023064 Proces-id 0xc84 Programmets starttidspunkt 0x01caa4fdc048bdf8 Programsti:
C:\Program Files\Street Legal Racing1\StreetLegal_Redline.exe Modulsti: C:\Program
Files\Street Legal Racing1\StreetLegal_Redline.exe Rapport-id: bdc08479-10f2-11df-960b-0019db2065e4

[ System Events ]
Error - 03-02-2010 11:31:44 | Computer Name = hansen-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Nogle funktioner for strømstyring af processorens ydeevne er deaktiveret
pga. et kendt firmwareproblem. Kontakt computerproducenten for at få opdateret
firmware.

Error - 03-02-2010 14:38:46 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7031
Description = Tjenesten AVG Free WatchDog blev afbrudt uventet. Dette er sket 1
gange. Følgende korrigerende handling foretages om 0 millisekunder: Restart the
service.

Error - 03-02-2010 14:38:48 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7034
Description = Tjenesten AVG Free E-mail Scanner afsluttede uventet. Dette er sket
1 gang(e).

Error - 03-02-2010 14:39:37 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7031
Description = Tjenesten AVG Free WatchDog blev afbrudt uventet. Dette er sket 1
gange. Følgende korrigerende handling foretages om 0 millisekunder: Restart the
service.

Error - 03-02-2010 14:39:37 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7034
Description = Tjenesten AVG Free E-mail Scanner afsluttede uventet. Dette er sket
2 gang(e).

Error - 04-02-2010 11:18:28 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7016
Description = Tjenesten NVIDIA Display Driver Service har rapporteret en ugyldig
aktuel tilstand 32.

Error - 04-02-2010 11:19:40 | Computer Name = hansen-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Nogle funktioner for strømstyring af processorens ydeevne er deaktiveret
pga. et kendt firmwareproblem. Kontakt computerproducenten for at få opdateret
firmware.

Error - 04-02-2010 11:47:36 | Computer Name = hansen-PC | Source = Service Control Manager | ID = 7034
Description = Tjenesten NVIDIA Display Driver Service afsluttede uventet. Dette
er sket 1 gang(e).

Error - 04-02-2010 11:49:07 | Computer Name = hansen-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Nogle funktioner for strømstyring af processorens ydeevne er deaktiveret
pga. et kendt firmwareproblem. Kontakt computerproducenten for at få opdateret
firmware.

Error - 04-02-2010 11:51:00 | Computer Name = hansen-PC | Source = WMPNetworkSvc | ID = 866300
Description =


< End of report >


ark.txt:

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-04 17:06:23
Windows 6.1.7600
Running: gmer.exe; Driver: C:\Users\hansen\AppData\Local\Temp\uxryrpoc.sys


---- System - GMER 1.0.15 ----

INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C48AF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C48104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C483F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C30FB4
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C481DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C48958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C486F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C48F2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81C491A8

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 83E5B1F8
Device \FileSystem\fastfat \FatCdrom 84FF11F8
Device \Driver\volmgr \Device\VolMgrControl 83E571F8
Device \Driver\usbuhci \Device\USBPDO-0 850201F8
Device \Driver\PCI_PNP8870 \Device\00000052 spqx.sys
Device \Driver\usbuhci \Device\USBPDO-1 850201F8
Device \Driver\usbuhci \Device\USBPDO-2 850201F8
Device \Driver\usbuhci \Device\USBPDO-3 850201F8
Device \Driver\usbehci \Device\USBPDO-4 84EEE500

AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\volmgr \Device\HarddiskVolume1 83E571F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\USBSTOR \Device\00000071 84E9A500
Device \Driver\volmgr \Device\HarddiskVolume2 83E571F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\USBSTOR \Device\00000072 84E9A500
Device \Driver\cdrom \Device\CdRom0 84E96498
Device \Driver\volmgr \Device\HarddiskVolume3 83E571F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\NetBT \Device\NetBT_Tcpip_{4B8E7CBB-0FDF-4F92-85EF-F0C64347FCF3} 84F181F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 83E591F8
Device \Driver\atapi \Device\Ide\IdePort0 83E591F8
Device \Driver\atapi \Device\Ide\IdePort1 83E591F8
Device \Driver\atapi \Device\Ide\IdePort2 83E591F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-3 83E591F8
Device \Driver\cdrom \Device\CdRom1 84E96498
Device \Driver\volmgr \Device\HarddiskVolume4 83E571F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\USBSTOR \Device\00000080 84E9A500
Device \Driver\volmgr \Device\HarddiskVolume5 83E571F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\USBSTOR \Device\00000075 84E9A500
Device \Driver\USBSTOR \Device\00000081 84E9A500
Device \Driver\volmgr \Device\HarddiskVolume6 83E571F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\USBSTOR \Device\00000076 84E9A500
Device \Driver\volmgr \Device\HarddiskVolume7 83E571F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\ACPI_HAL \Device\0000004a halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device \Driver\USBSTOR \Device\00000077 84E9A500
Device \Driver\NetBT \Device\NetBt_Wins_Export 84F181F8
Device \Driver\USBSTOR \Device\00000083 84E9A500
Device \Driver\volmgr \Device\HarddiskVolume8 83E571F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume8 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\volmgr \Device\HarddiskVolume9 83E571F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume9 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\sptd \Device\2365600120 spqx.sys
Device \Driver\usbuhci \Device\USBFDO-0 850201F8
Device \Driver\usbuhci \Device\USBFDO-1 850201F8
Device \Driver\usbuhci \Device\USBFDO-2 850201F8
Device \Driver\USBSTOR \Device\0000007b 84E9A500
Device \Driver\usbuhci \Device\USBFDO-3 850201F8
Device \Driver\USBSTOR \Device\0000007c 84E9A500
Device \Driver\usbehci \Device\USBFDO-4 84EEE500
Device \Driver\USBSTOR \Device\0000007d 84E9A500
Device \Driver\USBSTOR \Device\0000007e 84E9A500
Device \Driver\USBSTOR \Device\0000007f 84E9A500
Device \Driver\volmgr \Device\HarddiskVolume10 83E571F8

AttachedDevice \Driver\volmgr \Device\HarddiskVolume10 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\axfplq3q \Device\Scsi\axfplq3q1Port3Path0Target0Lun0 8510B1F8
Device \Driver\axfplq3q \Device\Scsi\axfplq3q1 8510B1F8
Device \FileSystem\fastfat \Fat 84FF11F8

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filsystem Filterstyring/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBE 0x8F 0x1F 0x2A ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x78 0x14 0x02 0x0C ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xC8 0x77 0xCD 0xCD ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBE 0x8F 0x1F 0x2A ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x78 0x14 0x02 0x0C ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xC8 0x77 0xCD 0xCD ...

---- EOF - GMER 1.0.15 ----


mbam:

Malwarebytes' Anti-Malware 1.44
Database version: 3689
Windows 6.1.7600
Internet Explorer 8.0.7600.16385

04-02-2010 17:13:37
mbam-log-2010-02-04 (17-13-37).txt

Skan type: Hurtig skanning
Objekter skannet: 97256
Tid tilbagelagt: 5 minute(s), 59 second(s)

Inficerede Hukommelses Processer: 0
Inficerede Hukommelses Moduler: 0
Inficerede Registeringsdatabase Nøgler: 1
Inficerede Registeringsdatabase Værdier: 0
Inficerede Registeringsdatabase Filer: 0
Inficerede Mapper: 0
Inficerede Filer: 0

Inficerede Hukommelses Processer:
(Ingen mistænkelige filer fundet)

Inficerede Hukommelses Moduler:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Nøgler:
HKEY_CURRENT_USER\SOFTWARE\BMIMZMHMFM (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Inficerede Registeringsdatabase Værdier:
(Ingen mistænkelige filer fundet)

Inficerede Registeringsdatabase Filer:
(Ingen mistænkelige filer fundet)

Inficerede Mapper:
(Ingen mistænkelige filer fundet)

Inficerede Filer:
(Ingen mistænkelige filer fundet)